Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connections
Archived Articles
Daily News | December 5, 2024

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program is working to achieve several milestones ahead of the Dec. 16 effective date for the first rulemaking that will formally launch the initiative.

The Insider | November 26, 2024

Rep. Gary Palmer (R-AL) has introduced a Congressional Review Act resolution that would roll back a final rulemaking to establish the Pentagon's Cybersecurity Maturity Model Certification program, as part of an effort by the GOP lawmaker to put Congress in a position to weigh in on major regulatory initiatives.

Daily News | November 26, 2024

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program is working with the ANSI National Accreditation Board (ANAB) on efforts to meet international standards and authorizations, according to Cyber AB CEO Matthew Travis.

Daily News | November 26, 2024

The Pentagon has proposed new requirements for defense companies who are competing for information technology, operational technology and cybersecurity contracts to disclose information on source code and computer code that are being shared with foreign governments as part of the acquisition process.

Daily News | November 12, 2024

The American Bar Association’s Public Contract Law section is urging the Defense Department to consider allowing a plan of action and milestones for contractors to address ongoing compliance issues with the Cybersecurity Maturity Model Certification program, as the Pentagon works to finalize a rulemaking to change its acquisition regulations.

Daily News | November 5, 2024

The Edison Electric Institute is asking the Defense Department to scope what is considered controlled unclassified information in the context of the Cybersecurity Maturity Model Certification program, building on comments submitted in February to reflect the current situation with the acquisition-focused proposed rule.

Daily News | November 1, 2024

The Coalition for Government Procurement is asking the Defense Department to provide guidance on when requirements under the Cybersecurity Maturity Model Certification program will go into effect for specific contracts, in response to a proposed rule to make changes to the Pentagon’s acquisition regulations.

Daily News | October 31, 2024

Defense prime contractors will start to consider whether their suppliers are meeting requirements under the Cybersecurity Maturity Model Certification program as part of the selection process for subcontractors down the supply chain, as work to launch the Pentagon initiative gets closer to fruition.

Daily News | October 29, 2024

The National Defense Industrial Association is raising concerns over how prime contractors will determine the maturity level needed for subcontracts and work through flow down requirements under the Pentagon’s final rule to establish the Cybersecurity Maturity Model Certification program.

Daily News | October 21, 2024

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program is expecting an increase in the number of assessment firms and certified assessors who want to participate in the Defense Department initiative, as work gets underway to stand up a formal ecosystem under the final programmatic rule.

Daily News | October 21, 2024

Two major defense associations are proposing to allow prime contractors access to an online system where companies who are part of the defense industrial base will provide the results of their Cybersecurity Model Certification assessments to the Pentagon.

Daily News | October 18, 2024

The publication on Tuesday of the final rule to establish the Pentagon's Cybersecurity Maturity Model Certification program kicks off workstreams developed over the last three years, according to program director Buddy Dees who spoke with Inside Cybersecurity on efforts to prepare for the launch and assessment needs.

Daily News | October 17, 2024

The Pentagon's decision to make many comments out of scope from its final rule on the Cybersecurity Maturity Model Certification program raises concerns over how the rollout will work in practice as contracting officers write requirements into solicitations, according to the Professional Services Council.

Daily News | October 17, 2024

A coalition of industry groups is asking the Defense Department to make changes to its proposed acquisition rule for the Cybersecurity Maturity Model Certification program to address concerns over affirmation of compliance and how to track flow-down requirements in supply chains.

Daily News | October 16, 2024

The Pentagon's final rule to implement the Cybersecurity Maturity Model Certification program addresses concerns from cloud service providers and managed service providers over how they can be used to help companies reach compliance with the Defense Department effort.

Daily News | October 16, 2024

The Defense Department has updated its website for the Cybersecurity Maturity Model Certification program with the latest versions of guides for the assessment and scoping, the CMMC model and a FAQ explaining key changes, as work gets underway to implement a final rule to establish the DOD initiative.

Daily News | October 15, 2024

The Pentagon has unveiled its plans to launch the Cybersecurity Maturity Model Certification through a final rule published today laying out key definitions, applicability for contractors and parameters for the assessment process.

Daily News | October 11, 2024

The Information Technology Industry Council identifies concerns over the Pentagon's plans on cyber incident reporting from contractors in the context of the Cybersecurity Maturity Model Certification program, in response to a proposed rulemaking focused on acquisition requirements.

Daily News | October 11, 2024

The Defense Department has released the final rule to formally establish the Cybersecurity Maturity Model Certification program, marking a major step forward in the Pentagon's work to launch version 2.0 of the initiative nearly three years after an internal review.

Daily News | October 9, 2024

The programmatic rule to formally launch the Pentagon's Cybersecurity Maturity Model Certification program is "imminent," according to Defense Department cyber chief David McKeown, who provided a rundown of where things stand with the rulemaking process and opportunities to help contractors reach compliance.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.